Abstract: Modern Multiprocessor System-on-Chip (MPSoC) distributes applications across multiple IPs, whereas Network-on-Chip (NoC) is a widely adopted solution for IP-to-IP data exchange. Since different IPs are provided by multiple third-party suppliers, and the credibility of third-party suppliers is often difficult to guarantee, ensuring secure data communication among essential IPs has become an important research issue. This paper constructs NoC security zones according to the requirements of applications, and implements protective measures for security zone members which may be attacked. The data transmitted between members will be authenticated and encrypted to ensure the security of the data. At the same time, the detection and location of malicious nodes are realized through hop to hop authentication in the process of packet routing. For the malicious nodes that are located, the proposed architecture can isolate them through partial adaptive routing method to prevent malicious nodes from harming data security again. On the garnet framework of gem5's ruby memory model, the design has been implemented and verified. Experiment results indicate that our proposed architecture can ensure the validity and reliability of NoC data transmission, while having less impact on the performance of system.